Comments (5)
To be clear, I’ve personally softened my position since then. I don’t think using a constant-time comparison function adds any actual security, but if it makes people feel better (and therefore more likely to use bcrypt instead of rolling their own), the cost isn’t particularly high.
I’m not maintaining the codebase, however, so I’ll defer to those who would actually bear that cost.
from bcrypt-ruby.
No. One of the desired properties of a cryptographic hash function is preimage attack resistance, which means there is no shortcut for generating a message which, when hashed, produces a specific digest.
Finding a first-preimage attack for bcrypt would be surprising, to say the least.
from bcrypt-ruby.
Hey, I have been worried recently about this issue. I understand the reason why it is not needed, but it seems that other language implementations like timingsafe_bcmp.c in py-bcrypt or password_verify() in PHP use constant time functions, following defence in depth policy.
I just took this information from a post in security stackexchange:
For hashing schemes such as Bcrypt, Scrypt, etc., timing attacks are irrelevant. Using comparisons such as == and === isn't a problem. Having that said, using constant time comparison is a good practice as part of a defence-in-depth policy. In fact, many Bcrypt implementations already used timing-safe comparison just in case (timingsafe_bcmp.c in py-bcrypt, for example).
What do you think about it?
from bcrypt-ruby.
@waiting-for-dev See #43 for much more information about why this is unnecessary.
Regarding "defense in depth" for this specific issue, @codahale said it best on #43:
It's like saying holding an umbrella gives you a "slight advantage" over holding nothing over your head when a piano is dropped on you.
from bcrypt-ruby.
Ok, thanks for pointing me there :)
from bcrypt-ruby.
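The argument in this thread, as an added example that is not part of the original comments or of bcrypt-ruby's code: an early-exit comparison exposes how many leading characters of the computed digest match the stored one, and the sketch counts that quantity next to a constant-time comparison in the style of timingsafe_bcmp. Assumptions: salted SHA-256 from Ruby's standard library stands in for bcrypt so the block runs without the gem, and the password, salt and helper names are constructed for illustration.

```ruby
require "digest"

# Models an early-exit comparison: returns [verdict, characters inspected].
# The inspected count is what a timing difference would expose.
def early_exit_compare(a, b)
  return [false, 0] unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).each_with_index do |(x, y), i|
    return [false, i + 1] if x != y
  end
  [true, a.bytesize]
end

# Constant-time style (as in timingsafe_bcmp): every byte is read and the
# differences are OR-ed together, so the work does not depend on the data.
def constant_time_compare(a, b)
  return [false, 0] unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  [diff.zero?, a.bytesize]
end

# Assumption: salted SHA-256 stands in for bcrypt; salt and password are constructed.
def digest_for(password, salt = "constructed-salt")
  Digest::SHA256.hexdigest(salt + password)
end

REAL_PASSWORD = "correct horse"
STORED = digest_for(REAL_PASSWORD)

# For each guess, how many digest characters the early-exit comparison reads.
def inspected_per_guess(guesses)
  guesses.map { |g| early_exit_compare(digest_for(g), STORED)[1] }
end

if __FILE__ == $PROGRAM_NAME
  # Guesses that share ever longer prefixes with the real password.
  prefixes = (1...REAL_PASSWORD.size).map { |n| REAL_PASSWORD[0, n] }
  prefixes.zip(inspected_per_guess(prefixes)).each do |guess, read|
    puts format("%-14s digest characters read before mismatch: %d", guess.inspect, read)
  end
end
```

Run directly, it prints one line per prefix guess; the count reflects where that guess's digest happens to diverge from the stored digest, which is the value being compared, not the password itself.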